Skip to content

Commit

Permalink
Merge pull request #325 from dajiaji/bump-to-v2_2_0
Browse files Browse the repository at this point in the history
Bump up version to v2.2.0.
  • Loading branch information
dajiaji authored Jan 1, 2023
2 parents 224db70 + 5d32d32 commit c025a02
Show file tree
Hide file tree
Showing 6 changed files with 68 additions and 51 deletions.
18 changes: 18 additions & 0 deletions CHANGES.rst
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,24 @@ Changes
Unreleased
----------

Version 2.2.0
-------------

Released 2023-01-01

- Add support for countersignatures. `#323 <https://github.com/dajiaji/python-cwt/pull/323>`__
- Remove Python 3.7 from CI temporarilly. `#323 <https://github.com/dajiaji/python-cwt/pull/323>`__
- Enhance COSE message validation. `#300 <https://github.com/dajiaji/python-cwt/pull/300>`__
- Add test and sample for COSE-HPKE MAC. `#297 <https://github.com/dajiaji/python-cwt/pull/297>`__
- Add Python 3.11 to CI. `#296 <https://github.com/dajiaji/python-cwt/pull/296>`__
- Update dependencies.
- Bump cbor2 from 5.4.6. `#302 <https://github.com/dajiaji/python-cwt/pull/302>`__
- Update dev dependencies.
- Bump tox to 4.1.2. `#323 <https://github.com/dajiaji/python-cwt/pull/323>`__
- Bump pre-commit/isort to 5.11.3. `#311 <https://github.com/dajiaji/python-cwt/pull/311>`__
- Bump pre-commit/black to 22.12.0. `#306 <https://github.com/dajiaji/python-cwt/pull/306>`__
- Bump certifi to 2022.12.7. `#303 <https://github.com/dajiaji/python-cwt/pull/303>`__

Version 2.1.0
-------------

Expand Down
15 changes: 10 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@

Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE)
implementation compliant with:
- [RFC9052: CBOR Object Signing and Encryption (COSE): Structures and Process](https://www.rfc-editor.org/rfc/rfc9052.html)
- [RFC9053: CBOR Object Signing and Encryption (COSE): Initial Algorithms](https://www.rfc-editor.org/rfc/rfc9053.html)
- [RFC9338: CBOR Object Signing and Encryption (COSE): Countersignatures](https://www.rfc-editor.org/rfc/rfc9338.html)
- [RFC8392: CWT (CBOR Web Token)](https://tools.ietf.org/html/rfc8392)
- [RFC8152: COSE (CBOR Object Signing and Encryption)](https://tools.ietf.org/html/rfc8152)
- and related various specifications. See [Referenced Specifications](#referenced-specifications).

It is designed to make users who already know about [JWS](https://tools.ietf.org/html/rfc7515)/[JWE](https://tools.ietf.org/html/rfc7516)/[JWT](https://tools.ietf.org/html/rfc7519)
Expand Down Expand Up @@ -1656,11 +1658,14 @@ See [Documentation](https://python-readthedocs.io/en/stable/algorithms.html).

Python CWT is (partially) compliant with following specifications:

- [RFC8152: CBOR Object Signing and Encryption (COSE)](https://tools.ietf.org/html/rfc8152)
- [RFC8230: Using RSA Algorithms with COSE Messages](https://tools.ietf.org/html/rfc8230)
- [RFC8392: CBOR Web Token (CWT)](https://tools.ietf.org/html/rfc8392)
- [RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)](https://tools.ietf.org/html/rfc8747)
- [RFC9052: CBOR Object Signing and Encryption (COSE): Structures and Process](https://www.rfc-editor.org/rfc/rfc9052.html)
- [RFC9053: CBOR Object Signing and Encryption (COSE): Initial Algorithms](https://www.rfc-editor.org/rfc/rfc9053.html)
- [RFC9338: CBOR Object Signing and Encryption (COSE): Countersignatures](https://www.rfc-editor.org/rfc/rfc9338.html)
- [RFC8812: COSE and JOSE Registrations for Web Authentication (WebAuthn) Algorithms](https://tools.ietf.org/html/rfc8812)
- [RFC8747: Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)](https://tools.ietf.org/html/rfc8747)
- [RFC8392: CWT (CBOR Web Token)](https://tools.ietf.org/html/rfc8392)
- [RFC8230: Using RSA Algorithms with COSE Messages](https://tools.ietf.org/html/rfc8230)
- [RFC8152: CBOR Object Signing and Encryption (COSE)](https://tools.ietf.org/html/rfc8152)
- [Electronic Health Certificate Specification](https://github.com/ehn-dcc-development/hcert-spec/blob/main/hcert_spec.md)
- [Technical Specifications for Digital Green Certificates Volume 1](https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v1_en.pdf)

Expand Down
2 changes: 1 addition & 1 deletion cwt/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
from .recipient import Recipient
from .signer import Signer

__version__ = "2.1.0"
__version__ = "2.2.0"
__title__ = "cwt"
__description__ = "A Python implementation of CWT/COSE"
__url__ = "https://python-cwt.readthedocs.io"
Expand Down
66 changes: 38 additions & 28 deletions docs/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,7 @@ Welcome to Python CWT
=====================

Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE)
implementation compliant with:

- `RFC8392: CBOR Web Token (CWT)`_
- `RFC8152: CBOR Object Signing and Encryption (COSE)`_
- and related various specifications. See `Referenced Specifications`_.

It is designed to make users who already know about `JWS`_/`JWE`_/`JWT`_
be able to use it in ease. Little knowledge of `CBOR`_/`COSE`_/`CWT`_
is required to use it.
implementation compliant with `various COSE related specifications`_.

You can install Python CWT with pip:

Expand All @@ -26,16 +18,43 @@ You can install Python CWT with pip:
And then, you can use it as follows:

.. code-block:: pycon
COSE API:

.. code-block:: python
from cwt import COSE, COSEKey
mac_key = COSEKey.generate_symmetric_key(alg="HS256", kid="01")
# The sender side:
sender = COSE.new()
encoded = sender.encode(
b"Hello world!",
mac_key,
protected={"alg": "HS256"},
unprotected={"kid": "01"},
)
# The recipient side:
recipient = COSE.new()
assert b"Hello world!" == recipient.decode(encoded, mac_key)
CWT API:

.. code-block:: python
import cwt
from cwt import COSEKey
mac_key = COSEKey.generate_symmetric_key(alg="HS256", kid="01")
# The sender side:
token = encode({1: "coaps://as.example", 2: "dajiaji", 7: b"123"}, mac_key)
# The recipient side:
decoded = decode(token, mac_key)
# decoded == {1: 'coaps://as.example', 2: 'dajiaji', 7: b'123', 4: 1620088759, 5: 1620085159, 6: 1620085159}
>>> import cwt
>>> from cwt import COSEKey
>>> key = COSEKey.from_symmetric_key(alg="HS256")
>>> token = cwt.encode({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}, key)
>>> token.hex()
'd18443a10105a05835a60172636f6170733a2f2f61732e6578616d706c65026764616a69616a690743313233041a60c6a60b051a60c697fb061a60c697fb582019d4a89e141e3a8805ba1c90d81a8a2dd8261464dce379d8af8044d1cc062258'
>>> cwt.decode(token, key)
{1: 'coaps://as.example', 2: 'dajiaji', 7: b'123', 4: 1620088759, 5: 1620085159, 6: 1620085159}
Index
-----
Expand All @@ -47,15 +66,6 @@ Index
api
claims
algorithms
specs
changes

.. _`RFC8392: CBOR Web Token (CWT)`: https://tools.ietf.org/html/rfc8392
.. _`RFC8152: CBOR Object Signing and Encryption (COSE)`: https://tools.ietf.org/html/rfc8152
.. _`CBOR`: https://tools.ietf.org/html/rfc7049
.. _`COSE`: https://tools.ietf.org/html/rfc8152
.. _`CWT`: https://tools.ietf.org/html/rfc8392
.. _`JWS`: https://tools.ietf.org/html/rfc7515
.. _`JWE`: https://tools.ietf.org/html/rfc7516
.. _`JWT`: https://tools.ietf.org/html/rfc7519
.. _`Referenced Specifications`: ./specs.html
.. _`various COSE related specifications`: https://github.com/dajiaji/python-cwt#referenced-specifications
16 changes: 0 additions & 16 deletions docs/specs.rst

This file was deleted.

2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ build-backend = "poetry.core.masonry.api"

[tool.poetry]
name = "cwt"
version = "2.1.0"
version = "2.2.0"
description = "A Python implementation of CWT/COSE."
authors = ["Ajitomi Daisuke <dajiaji@gmail.com>"]
license = "MIT"
Expand Down

0 comments on commit c025a02

Please sign in to comment.